UbuntuUpdates.org

Package "mariadb-server"

Name: mariadb-server

Description:

MariaDB database server (metapackage depending on the latest version)

Latest version: 1:10.1.48-0ubuntu0.18.04.1
Release: bionic (18.04)
Level: updates
Repository: universe
Head package: mariadb-10.1
Homepage: https://mariadb.org/

Links


Download "mariadb-server"


Other versions of "mariadb-server" in Bionic

Repository Area Version
base universe 1:10.1.29-6
security universe 1:10.1.48-0ubuntu0.18.04.1

Changelog

Version: 1:10.1.40-0ubuntu0.18.04.1 2019-06-05 20:07:12 UTC

  mariadb-10.1 (1:10.1.40-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: New upstream version 10.1.40. Includes previous
    upstream release 10.1.39 which included fixes for the following
    security vulnerabilities:
    - CVE-2019-2627
    - CVE-2019-2614
  * Amend previous changelog entries to include newly released CVE numbers.
  * Skip test 'innodb_ft_result_cache_limit_32' on s390x introduced as
    disabled in 10.1.37 and enabled in 10.1.38. The test failure is
    insignificant. See upstream ssue MDEV-19387 for details.

 -- Otto Kekäläinen <email address hidden> Mon, 20 May 2019 09:00:47 +0300

Source diff to previous version
CVE-2019-2627 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.
CVE-2019-2614 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.43 and

Version: 1:10.1.38-0ubuntu0.18.04.2 2019-05-13 12:07:31 UTC

  mariadb-10.1 (1:10.1.38-0ubuntu0.18.04.2) bionic; urgency=medium

  * Restore tests to stop autopkgtest failures, by adding commits
    from debian git (salsa) listed below (LP: #1824335)
  * Revert "Remove the mariadb-test-* packages"
    - debian commit 96d3f8abcbe51894d0a5f7c7cadd5219e0dc2823
  * Omit test plugins as they are not used by the tests and
    already deleted
    - debian commit 902dffe6683e43d5134b9c9b9057b42372cd47fc
  * Define autopkgtest with isolation-container to allow service
    - debian commit 596c2581176102b29751786e5d8fac05dde3a3e4
  * Utilize upstream unstable-tests list in tests/upstream
    mysql-test-run
    - debian commit 33d85312840a625c1d607601b77c45f138405cfe
  * Fix typo in commit 33d853128 so skip list is not reset when
    adding lines
    - debian commit 18480afc86838a28cd9ba89e942330c2038011e2
  * Mark selected tests as unstable so they don't stop the whole
    upload in vain
    - debian commit d44ece56d7e54c7940bebe6a4614a03c1c8621f2
  * Disable test unit.pcre_test on s390x that was failing in
    stretch-security
    - debian commit d44ece56d7e54c7940bebe6a4614a03c1c8621f2

 -- Dan Streetman <email address hidden> Fri, 12 Apr 2019 12:34:00 -0400

Source diff to previous version
1824335 autopkgtest always fails with \

Version: 1:10.1.38-0ubuntu0.18.04.1 2019-02-07 22:07:27 UTC

  mariadb-10.1 (1:10.1.38-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: New upstream release 10.1.38. Includes fixes for
    the following security vulnerabilities (LP: #1814258):
    - CVE-2019-2537
    - CVE-2019-2529
  * Remove non-applying Hurd patch as Ubuntu does not ship Hurd anyway
  * Use list-missing instead of fail in d/rules so builds pass
  * Add (and rename) new man pages
  * Previous upstream version 10.1.37 included fixes for the following
    security vulnerabilities:
    - CVE-2018-3282
    - CVE-2018-3251
    - CVE-2018-3174
    - CVE-2018-3156
    - CVE-2018-3143
    - CVE-2016-9843
  * Previous upstream version 10.1.36 included fixes for the following
    security vulnerabilities:
    - CVE-2019-2503
  * Previous upstream version 10.1.35 included fixes for the following
    security vulnerabilities:
    - CVE-2018-3066
    - CVE-2018-3064
    - CVE-2018-3063
    - CVE-2018-3058

 -- Otto Kekäläinen <email address hidden> Wed, 06 Feb 2019 07:53:10 +0200

Source diff to previous version
1814258 USN-3867-1: Partially applies to MariaDB too
CVE-2019-2537 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5
CVE-2019-2529 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and pr
CVE-2018-3282 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61
CVE-2018-3251 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23
CVE-2018-3174 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prio
CVE-2018-3156 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23
CVE-2018-3143 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23
CVE-2016-9843 The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian C
CVE-2019-2503 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). Supported versions that are affected are 5.6
CVE-2018-3066 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prio
CVE-2018-3064 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior, 5.7.22
CVE-2018-3063 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.
CVE-2018-3058 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior, 5.6.40

Version: 1:10.1.34-0ubuntu0.18.04.1 2018-08-02 19:07:22 UTC

  mariadb-10.1 (1:10.1.34-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: New upstream release 10.1.34. Includes fixes for
    the security vulnerabilities from previous releases (LP: #1779715).
  * Previous upstream version 10.1.33 included fixes for the following
    security vulnerabilities:
    - CVE-2018-2819
    - CVE-2018-2817
    - CVE-2018-2813
    - CVE-2018-2787
    - CVE-2018-2784
    - CVE-2018-2782
    - CVE-2018-2781
    - CVE-2018-2771
    - CVE-2018-2766
    - CVE-2018-2761
    - CVE-2018-2755
  * Previous upstream version 10.1.31 included fixes for the following
    security vulnerabilities:
    - CVE-2018-2668
    - CVE-2018-2665
    - CVE-2018-2640
    - CVE-2018-2622
    - CVE-2018-2612
    - CVE-2018-2562
  * Previous upstream version 10.1.30 included fixes for the following
    security vulnerabilities:
    - CVE-2017-15365

  [ Otto Kekäläinen ]
  * Update VCS-* links to point to the new source repository
  * Update Maintainer in d/control for Ubuntu repositories
  * Delete unnecessary systemd files introduced by upstream
  * Add new files introduced by upstream to correct packages

  [ Vicențiu Ciorbaru ]
  * Extend libmariadbclient-rename.patch to cover TokuDB as well
  * Disable disks.disks test

 -- Otto Kekäläinen <email address hidden> Sun, 08 Jul 2018 11:14:42 +0300

1779715 USN-3629-3: partially applies to MariaDB too
CVE-2018-2819 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior, 5.6.39
CVE-2018-2817 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5
CVE-2018-2813 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5
CVE-2018-2787 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7
CVE-2018-2784 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7
CVE-2018-2782 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7
CVE-2018-2781 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and pr
CVE-2018-2771 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prio
CVE-2018-2766 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7
CVE-2018-2761 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prio
CVE-2018-2755 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and
CVE-2018-2668 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and pr
CVE-2018-2665 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and pr
CVE-2018-2640 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and pr
CVE-2018-2622 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5
CVE-2018-2612 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7
CVE-2018-2562 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and p
CVE-2017-15365 Replication in sql/event_data_objects.cc occurs before ACL checks



About   -   Send Feedback to @ubuntu_updates